CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

194 matches found

WordPress JNews Theme <8.0.6 - Cross-Site Scripting

WordPress JNews theme before 8.0.6 contains a reflected cross-site scripting vulnerability. It does not sanitize the catid parameter in the POST request /?ajax-request=jnews with action=jnewsbuildmegacategory. id: CVE-2021-24342 info: name: WordPress JNews Theme =8.0.6 to mitigate the XSS...

6.1CVSS6.2AI score0.02284EPSS

Exploits2References4

Vulnrichment•added 3 days ago•2 views

CVE-2026-10296 itsourcecode Fees Management System ajax.php sql injection

A vulnerability was determined in itsourcecode Fees Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php. Executing a manipulation of the argument Username can lead to sql injection. The attack may be performed from remote. The exploit has been publicl...

6.5CVSS6.4AI score0.00033EPSS

Exploits0References6

EUVD•added 2026/05/21 5:10 p.m.•3 views

EUVD-2026-31319

Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/mobilemain.php where the id GET parameter is concatenated into the WHERE clause of a SELECT statement used as a ticket-existence sanity check without sanitization. Authenticated attackers can craft requests that alter...

7.1CVSS5.9AI score0.00027EPSS

Exploits0References3

EUVD•added 2026/05/17 12:11 p.m.•6 views

EUVD-2018-21848

Google Drive for WordPress 2.2 contains a path traversal vulnerability that allows unauthenticated attackers to read arbitrary files by injecting directory traversal sequences in the filename parameter. Attackers can send POST requests to gdrive-ajaxs.php with the ajaxstype parameter set to...

8.7CVSS5.9AI score0.00683EPSS

Exploits0References3

ATTACKERKB•added 2026/05/16 3:26 p.m.•3 views

CVE-2021-47979

WordPress Plugin Backup and Restore 1.0.3 contains an arbitrary file deletion vulnerability that allows authenticated attackers to delete files by manipulating parameters in AJAX requests. Attackers can send POST requests to admin-ajax.php with crafted filename and foldername parameters to delete...

8.8CVSS5.9AI score0.00055EPSS

Exploits0References4Affected Software1

ATTACKERKB•added 2026/03/26 6:0 a.m.•1 views

CVE-2025-15488

The Responsive Plus WordPress plugin before 3.4.3 is vulnerable to arbitrary shortcode execution due to the software allowing unauthenticated users to execute the updateresponsivewoofreeshippingleftshortcode AJAX action that does not properly validate the contentrechdata parameter before processi...

6.5CVSS6.2AI score0.00051EPSS

Exploits0References1

CVE•added 2026/03/24 4:27 a.m.•6 views

CVE-2026-3138

The CVE-2026-3138 entry concerns the WordPress plugin “Product Filter for WooCommerce by WBW.” It identifies an unauthorized data-loss vulnerability caused by missing capability checks and unauthenticated AJAX handlers registered via wp_ajax_nopriv_ hooks, combined with a base controller’s __call...

6.5CVSS5.8AI score0.00078EPSS

Exploits0References7

Cvelist•added 2026/03/24 4:27 a.m.•26 views

CVE-2026-3138 Product Filter for WooCommerce by WBW <= 3.1.2 - Missing Authorization to Unauthenticated Filter Data Deletion via TRUNCATE TABLE

The Product Filter for WooCommerce by WBW plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check in all versions up to, and including, 3.1.2. This is due to the plugin's MVC framework dynamically registering unauthenticated AJAX handlers via wpajaxnopriv...

6.5CVSS0.00078EPSS

Exploits0References7

Cvelist•added 2026/03/21 3:26 a.m.•27 views

CVE-2026-4127 Speedup Optimization <= 1.5.9 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Update via 'speedup01_enabled' AJAX Action

The Speedup Optimization plugin for WordPress is vulnerable to Missing Authorization in all versions up to and including 1.5.9. The speedup01ajaxenabled function, which handles the wpajaxspeedup01enabled AJAX action, does not perform any capability check via currentusercan and also lacks nonce...

4.3CVSS0.00042EPSS

Exploits0References5

Patchstack•added 2025/12/31 12:0 a.m.•4 views

WordPress Frontend Dashboard plugin 1.5.10 - 2.2.7 - Missing Authorization to Authenticated (Subscriber+) Account Takeover/Privilege Escalation via ajax_request Function vulnerability

WordPress Frontend Dashboard plugin 1.5.10 - 2.2.7 - Missing Authorization to Authenticated Subscriber+ Account Takeover/Privilege Escalation via ajaxrequest Function vulnerability discovered by kr0d in WordPress Plugin Frontend Dashboard versions 1.5.10-2.2.7...

8.8CVSS5.9AI score0.00394EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2025/12/12 7:20 a.m.•0 views

CVE-2025-10583 WP Fastest Cache Premium <= 1.7.4 - Missing Authorization to Authenticated (Subscriber+) Blind Server-Side Request Forgery

The WP Fastest Cache Premium plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.7.4 via the 'getservertimeajaxrequest' AJAX action. This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web reques...

3.5CVSS5.8AI score0.0003EPSS

Exploits0References4

OSV•added 2025/10/18 4:16 a.m.•2 views

CVE-2025-11378

The ShortPixel Image Optimizer – Optimize Images, Convert WebP & AVIF plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'shortpixelajaxRequest' AJAX action in all versions up to, and including, 6.3.4. This makes it possible for...

5.4CVSS5AI score0.00049EPSS

Exploits0References4

Cvelist•added 2025/10/18 3:33 a.m.•6 views

CVE-2025-11378 ShortPixel Image Optimizer <= 6.3.4 - Authenticated (Contributor+) Settings Import/Export

5.4CVSS0.00049EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•0 views

EUVD-2021-10850

Malware in sbrugna...

6.1CVSS6.3AI score0.00174EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•1 views